350-901 · Question #63
350-901 Question #63: Real Exam Question with Answer & Explanation
The correct answer is A: URI to which the authorization server will send the user-agent back when access is granted or denied. The authorization code is a temporary code that the client will exchange for an access token. The code itself is obtained from the authorization server where the user gets a chance to see what the information the client is requesting, and approve or deny the request. The followin
Question
An application uses OAuth to get access to several API resources on behalf of an end user. Which are two valid parameters to send to the authorization server as part of the first step of an authorization code grant flow? (Choose two.)
Options
- AURI to which the authorization server will send the user-agent back when access is granted or denied
- Blist of the API resources that the application is requesting to access
- Csecret that was generated by the authorization server when the application registered as an OAuth integration
- Dlist of scopes that correspond to the API resources to which the application is requesting to access
- Ename of the application under which the application registered as an OAuth integration
Explanation
The authorization code is a temporary code that the client will exchange for an access token. The code itself is obtained from the authorization server where the user gets a chance to see what the information the client is requesting, and approve or deny the request. The following parameters are used to make the authorization request. You should build a query string with the below parameters, appending that to the application's authorization endpoint obtained from its documentation. • client_id • The client_id is the identifier for your app. You will have received a client_id when first registering your app with the service. • redirect_uri (optional) • scope (optional) • state (optional)
Topics
Community Discussion
No community discussion yet for this question.